https://github.com/osquery/osquery logo
Powered by
Title
a

alessandrogario

08/15/2022, 2:25 PM
Hey @Gabriel Artico, welcome! Let me reference your question here in this channel https://osquery.slack.com/archives/C08V7KTJB/p1660573026129749
g

Gabriel Artico

08/15/2022, 2:27 PM
Hello @alessandrogario thaanks for that!
r

roberto

08/15/2022, 3:11 PM
hey @Gabriel Artico, could you give us more details? do you have access to the Windows machines? could you follow the osquery section of the debugging docs in the host machines to try to get some information?
k

Kathy Satterlee

08/17/2022, 4:36 PM
@Gabriel Artico Did those Windows hosts show up for you?
Interesting. I did a quick 
cURL
on the endpoint and didn't see any redirects. Is it possible to test that on one of the hosts that's showing offline? 
curl -X -iL POST <https://fleet.ze.delivery/api/v1/osquery/enroll>
It should result in the following error: 
{
  "message": "Expected JSON Body",
  "errors": [
    {
      "name": "base",
      "reason": "Expected JSON Body"
    }
  ]
}
Do you see any indication that the requests are making it through to the server in the Fleet logs? Do those hosts have anything else that sets them apart from the hosts that are responding correctly (AV software, VPN, Firewall settings)?
\* When checking the server logs, you'll see some errors from me pinging the server.
6 Views
#fleetJoin Slack
Powered by